Actually the PIX by default will allow fragmented packets. This can be a vulnerability for the PIX. A good policy is to enable FragGuard on the PIX. This insures the PIX sees the entire seegmented packet before letting it pass through its outside interface.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61603&t=61441 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
